If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Hybrid View

S.E.T Error - unpack requires a string argument of length 8

Not sure if this is a bug, I just get this error every time I run S.E.T

Code:

[---] The Social-Engineer Toolkit (SET) [---]
[---] Written by: David Kennedy (ReL1K) [---]
[---] Development Team: Thomas Werth [---]
[---] Version: 1.4 [---]
[---] Codename: 'YAY DerbyCon Edition' [---]
[---] Report bugs to: davek@social-engineer.org [---]
[---] Follow me on Twitter: dave_rel1k [---]
[---] Homepage: http://www.secmaniac.com [---]
[---] Framework: http://www.social-engineer.org [---]
Welcome to the Social-Engineer Toolkit (SET). Your one
stop shop for all of your social-engineering needs..
DerbyCon 2011 Sep30-Oct02 - http://www.derbycon.com.
Tickets on sale NOW!
Select from the menu:
1. Spear-Phishing Attack Vectors
2. Website Attack Vectors
3. Infectious Media Generator
4. Create a Payload and Listener
5. Mass Mailer Attack
6. Teensy USB HID Attack Vector
7. SMS Spoofing Attack Vector
8. Wireless Access Point Attack Vector
9. Third Party Modules
10. Update the Metasploit Framework
11. Update the Social-Engineer Toolkit
12. Help, Credits, and About
13. Exit the Social-Engineer Toolkit
Enter your choice: 2
The Social-Engineer Toolkit "Web Attack" vector is a unique way of
utilizing multiple web-based attacks in order to compromise the
intended victim.
Enter what type of attack you would like to utilize.
The Java Applet attack will spoof a Java Certificate and
deliver a metasploit based payload. Uses a customized
java applet created by Thomas Werth to deliver
the payload.
The Metasploit browser exploit method will utilize select
Metasploit browser exploits through an iframe and deliver
a Metasploit payload.
The Credential Harvester Method will utilize web cloning
of a website that has a username and password field and
harvest all the information posted to the website.
The TabNabbing Method will wait for a user to move to a
different tab, then refresh the page to something different.
The Man Left in the Middle Attack Method was introduced by
Kos and utilizes HTTP REFERER's in order to intercept fields
and harvest data from them. You need to have an already vulnerable
site and incorporate <script src="http://YOURIP/">. This could either
be from a compromised site or through XSS.
The web jacking attack method was introduced by white_sheep, Emgent
and the Back|Track team. This method utilizes iframe replacements to
make the highlighted URL link to appear legitimate however when clicked
a window pops up then is replaced with the malicious link. You can edit
the link replacement settings in the set_config if its too slow/fast.
The multi-attack will add a combination of attacks through the web attack
menu. For example you can utilize the Java Applet, Metasploit Browser,
Credential Harvester/Tabnabbing, and the Man Left in the Middle attack
all at once to see which is successful.
1. The Java Applet Attack Method
2. The Metasploit Browser Exploit Method
3. Credential Harvester Attack Method
4. Tabnabbing Attack Method
5. Man Left in the Middle Attack Method
6. Web Jacking Attack Method
7. Multi-Attack Web Method
8. Create or import a CodeSigning Certificate
9. Return to the previous menu
Enter your choice (press enter for default): 1
The first method will allow SET to import a list of pre-defined
web applications that it can utilize within the attack.
The second method will completely clone a website of your choosing
and allow you to utilize the attack vectors within the completely
same web application you were attempting to clone.
The third method allows you to import your own website, note that you
should only have an index.html when using the import website
functionality.
[!] Website Attack Vectors [!]
1. Web Templates
2. Site Cloner
3. Custom Import
4. Return to main menu
Enter number (1-4): 1
Select a template to utilize within the web clone attack
1. Java Required
2. Gmail
3. Google
4. Facebook
5. Twitter
Enter the one to use: 3
[*] UPX packer not found in the pathname specified in config. Disabling UPX packing for executable! I noticed UPX wasn't installed at /pentest/database/sqlmap/lib/contrib/upx/linux/upx so I installed it to usr/bin/upx and updated the config but it still says [!] UPX was not detected. Try configuring the set_config again.
What payload do you want to generate:
Name: Description:
1. Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker.
2. Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker.
3. Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker.
4. Windows Bind Shell Execute payload and create an accepting port on remote system.
5. Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
6. Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
7. Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
8. Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
9. Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
10. Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and spawn Meterpreter
11. SET Custom Written Interactive Shell This is the new custom interactive reverse shell designed for SET
12. RATTE HTTP Tunneling Payload This is a security bypass payload that will tunnel all comms over HTTP
13. Import your own executable Specify a path for your own executable
Enter choice (hit enter for default): 2
Below is a list of encodings to try and bypass AV.
Select one of the below, 'backdoored executable' is typically the best.
1. avoid_utf8_tolower (Normal)
2. shikata_ga_nai (Very Good)
3. alpha_mixed (Normal)
4. alpha_upper (Normal)
5. call4_dword_xor (Normal)
6. countdown (Normal)
7. fnstenv_mov (Normal)
8. jmp_call_additive (Normal)
9. nonalpha (Normal)
10. nonupper (Normal)
11. unicode_mixed (Normal)
12. unicode_upper (Normal)
13. alpha2 (Normal)
14. No Encoding (None)
15. Multi-Encoder (Excellent)
16. Backdoored Executable (BEST)
Enter your choice (enter for default): 16
[-] Enter the PORT of the listener (enter for default): 4444
[-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
[-] Backdoor completed successfully. Payload is now hidden within a legit executable.[*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.
[!] UPX was not detected. Try configuring the set_config again.[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.
Something went wrong, printing the error: unpack requires a string argument of length 8

Re: S.E.T Error - unpack requires a string argument of length 8

In the results, there's a line in set_config that reads:
UPX_PATH=/pentest/database/sqlmap/lib/contrib/upx/linux/upx

tried to cd to that directory, but it is not there.

Then I did an apt-get install sqlmap. It's installed in /pentest/web/scanners/sqlmap

Try adjusting the that directive and see if that helps at all.

"Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

Re: S.E.T Error - unpack requires a string argument of length 8

Sorry for the self-reply. I tried this out myself, and still getting the, "Something went wrong, printing the error: unpack requires a string argument of length 8".

adjusting the path to upx does seem to help the alleviate the first error, "UPX packer not found in the pathname"

Also, just noticed your note within your initial post.

Not sure how to fix this. I'm off to google-town.

"Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

Re: S.E.T Error - unpack requires a string argument of length 8

I think this has something to do with the DIGITAL_SIGNATURE_STEAL=ON directive, in set_config.

The reason I think this, is because, the point when SET reaches this:
[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.

This is when SET throws the "unpack requires a string argument of length 8".

Going in, and changing the DIGITAL_SIGNATURE_STEAL to OFF, and the attack plays out.

I did a dpkg --get-selections | grep pefile, and python-pefile is is installed.

That's about all I can figure out, at this point. Hope that helps.

"Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."

[-] Backdooring a legit executable to bypass Anti-Virus. Wait a few seconds...
[-] Backdoor completed successfully. Payload is now hidden within a legit executable.[*] UPX Encoding is set to ON, attempting to pack the executable with UPX encoding.[*] Packing the executable with UPX, one moment.[*] Digital Signature Stealing is ON, hijacking a legit digital certificate.

Re: S.E.T Error - unpack requires a string argument of length 8

in addition to digital signature stealing, you can do additional packing by using UPX. This is installed by default on Back|Track linux, if this is set to ON and it does not find it, it will still continue but disable the UPX packing.

"Whatever happened to playing a hunch, Scully? The element of surprise, random acts of unpredictability? If we fail to anticipate the unforeseen or expect the unexpected in a universe of infinite possibilities, we may find ourselves at the mercy of anyone or anything that cannot be programmed, categorized or easily referenced."